package com.longchat.interceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import com.longchat.dto.system.PermissionProperties;


public class LoginInterceptor implements HandlerInterceptor{

	private static final org.slf4j.Logger logger = org.slf4j.LoggerFactory.getLogger(LoginInterceptor.class); 
	@Autowired
	private PermissionProperties properties;
	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
			throws Exception {
		/*logger.debug("properties==>{}",properties);
		if(properties.isNoNeedValid()){
    		return true;
    	}
        String requestUri = request.getRequestURI();  
        String contextPath = request.getContextPath();  
        String url = requestUri.substring(contextPath.length());
        logger.debug("url==>{},requestUri==>{},contextPath==>{}",url,requestUri,contextPath);
        //如果包含免疫检查地址直接则忽视
        if(properties.getNoValidUrls().contains(url)){
        	return true;
        }
        SysUser user =  (SysUser)request.getSession().getAttribute(Constant.SESSION_USER);
        if(user == null){  
        	if (request.getHeader("x-requested-with") != null&& request.getHeader("x-requested-with").equalsIgnoreCase("XMLHttpRequest"))//如果是ajax请求响应头会有，x-requested-with；   
             {  
                response.setHeader("sessionstatus", "timeout");//在响应头设置session状态   
                response.setStatus(405);
                return false;  
             }else{
	            request.getRequestDispatcher("/").forward(request, response);
	            return false;
            }
        }else {
        	 HandlerMethod hm=(HandlerMethod)handler;
             Class<?> clazz=hm.getBeanType();
             Method m=hm.getMethod();
             if (clazz!=null && m != null ) {
            	 	Permission permission;
                    boolean isMethondAnnotation=m.isAnnotationPresent(Permission.class);
                    if(isMethondAnnotation){
                    	permission=m.getAnnotation(Permission.class);
                    	boolean b = permission.validate();
                    	if(!b){
                    		return true;
                    	}
                    }
             }
        	 List<String> authorUrls = (List<String>)request.getSession().getAttribute(Constant.PERMISSION_URLS);
        	 for(int i=0;i<authorUrls.size();i++){
        		 String rootPath = "/"+authorUrls.get(i);
        		 if(url.equals(rootPath)||url.startsWith(rootPath+"?")){
        			 return true;
        		 }else{
        			 if(i==authorUrls.size()-1){
        				 if (request.getHeader("x-requested-with") != null&& request.getHeader("x-requested-with").equalsIgnoreCase("XMLHttpRequest"))//如果是ajax请求响应头会有，x-requested-with；   
        	             {  
        	                response.setHeader("permission", "notValid");//在响应头设置session状态
        	                response.setStatus(401);
        	                return false;  
        	             }else{
        	            	 request.getRequestDispatcher("/500.html").forward(request, response);
        		            return false;
        	            }
        			 }
        		 }
        	 }*/
        	 return true;
        //}
	}

	@Override
	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
			ModelAndView modelAndView) throws Exception {
		
	}

	@Override
	public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
			throws Exception {
		
	}

}
